SecTeer VulnDetect Support Forum

    VulnDetect

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Download VulnDetect Installer

    [Solved] W10 20H2 not detected and W10 reported as insecure

    Solved Detection Issues
    3
    9
    152
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      GregAlexandre last edited by OLLI_S

      Hi,

      I updated to W10 20H2 (fr) fully patched and W10 is reported as insecure.
      6395fef8-24b8-44b3-9662-7fca1f344839-image.png
      cf086f3a-e343-4318-b7f6-de8193af8981-image.png

      Hope this helps.
      Regard.
      PS: please note that french date format is; dd/mm/aaaa

      1 Reply Last reply Reply Quote 0
      • OLLI_S
        OLLI_S Community Moderator last edited by

        OK, then I mark this issue as solved.

        1 Reply Last reply Reply Quote 0
        • G
          GregAlexandre @Tom last edited by

          @Tom : both fixed
          @OLLI_S : can you please move it to fixed issue?

          1 Reply Last reply Reply Quote 0
          • G
            GregAlexandre @OLLI_S last edited by GregAlexandre

            @OLLI_S : Risk or at least vulnerability level is required for pro usage. 🙂

            For standard user, with no idea of what is risk assessment red/yellow/green status is more useful. I think that most people in France do not know what means CVE and if they can have the related description and CVSS will be unable to assess their risks and chose what to do but fix when patch is available.

            1 Reply Last reply Reply Quote 0
            • OLLI_S
              OLLI_S Community Moderator last edited by

              Inhink @Tom is right.
              There is an vulnerabily in Windows 10 where up to now there is no patch available.
              So Windows 10 is up-to-date but it is also insecure.

              The problem is, that there is no explanation.
              No Threat Level and also no CVE information.
              Both suggestions exist over 2 years...

              G 1 Reply Last reply Reply Quote 0
              • G
                GregAlexandre @Tom last edited by

                @Tom : Any product is de facto insecure till next security patch with known or unknown vulnerabilities. So any product is always more or less insecure.

                So at this time W10 with its known vulnerabilities is as secure as standard user can have it when windows update writes: you are up-to-date (fr to en translation).

                To have it reported as "insecure" only lead me to time lost to look for what I missed!

                May I suggest to have another status if you want to report "insecure but with no solution" status. Orange (yellow) "insecure"?

                Regards.

                1 Reply Last reply Reply Quote 0
                • T
                  Tom VulnDetect Team Member last edited by

                  Indeed, and it is Insecure.

                  But the update is not yet available. Windows is vulnerable to CVE-2020-17087.

                  This is a privilege escalation vulnerability which was exploited together with the recent 0-day in Google Chrome:
                  https://www.theregister.com/2020/10/30/windows_kernel_zeroday/

                  Right now it is even more important to keep all other software up-to-date, since this vulnerability can (and was) used to break out of the sandbox protection, which is used by some applications (including Chrome) to make it harder to fully compromise a system via a remote exploit.

                  /Tom
                  Download the latest SecTeer VulnDetect agent here:
                  https://vulndetect.com/dl/secteerSetup.exe

                  G 1 Reply Last reply Reply Quote 0
                  • OLLI_S
                    OLLI_S Community Moderator last edited by OLLI_S

                    Same here:

                    77300d94-6365-4a00-bc3e-d306ac0cdac9-image.png

                    There are no Windows Updates available, but it is marked as "Insecure".

                    Also Win 10 tells me that there are no updates available:

                    991c5079-d5f0-4e38-9fdd-40a759906ae6-image.png

                    1 Reply Last reply Reply Quote 0
                    • T
                      Tom VulnDetect Team Member last edited by

                      We will soon review the title of Windows 10, it does appears that Microsoft has changed the naming / versioning of the semi-annual releases.

                      Try to expand the Windows 10 entry, there should be a list of one or more KBs that are missing and which are security related.

                      /Tom
                      Download the latest SecTeer VulnDetect agent here:
                      https://vulndetect.com/dl/secteerSetup.exe

                      G 1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

                      Please see our Privacy and Data Processing Policy
                      Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
                      Forum software by NodeBB